> > *If you want something done right, make it the easiest thing to do.*
A-colorfulwordofyourchoice-men > Why three? Why not > five? Will two more attempts really help an attacker? It will help > reduce support calls! Here's a though experiment: > > (1) You arrive at work groggy. It's early and you haven't had your > coffee/coke/hot chocolate yet. You mistype your password. > (2) Annoyed, you try again, still groggy. Another mistake. > (3) You're fully awake and nervous. Last chance before you get locked > out. Your hands are shaking, sweat is beading up on your forehead. Your > finger slips and CURSES, LOCKED OUT AGAIN! Time to call support... > I think ReCaptcha after 3 and lockout after an additional 3 is pretty fair is this case. How about you? AJ ONeal
-------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info (unsubscribe here): http://uug.byu.edu/mailman/listinfo/uug-list
